Introducing VMware vSphere Platinum

Tuesday 18th December 2018

VMware vSphere Platinum has been released!

It's is a new edition of vSphere that delivers advanced security capabilities fully integrated into the hypervisor. This new release combines the industry leading capabilities of vSphere with VMware AppDefense, delivering purpose-built VMs to secure applications.

With these new capabilities, vSphere Platinum secures infrastructure and applications by leveraging the hypervisor and the power of machine learning in a way that is built-in, operationally simple, and with minimal overhead or impact on performance. vSphere Platinum allows the vSphere Admin to deliver secure infrastructure and applications by enabling virtual machines to run in a “known good” state.

New threat vectors appear every day, and vSphere Platinum delivers new capabilities to address these in-guest threats. Included with vSphere Platinum, VMware AppDefense delivers key capabilities to protect applications running on vSphere. AppDefense understands an application’s intended state and behavior, then monitors for changes to that intended state. Any change from this “known good” state would indicate a threat. This method enables the virtual machine to run in “known good” state rather than trying to detect threats that may not fit a known signature.

vSphere Platinum secures applications, infrastructure, data, and access with the combined capabilities of core vSphere and AppDefense. It enables a simple and powerful way to maintain existing workflows, while supporting collaboration amongst vSphere Admins, and Security, Compliance and Application teams; making for less disruptive response and remediation in a security incident.

VMware AppDefense – Protects the integrity of applications running on vSphere, using machine learning to monitor against threats and automate responses. AppDefense locks down the guest operating system for all applications, the VMware application stack and third-party applications. To accomplish this, AppDefense gathers inventory data on virtual machines and applications from vCenter Server, development tools, and automation frameworks and applies machine learning to discover the intended state and establish the known good behaviors for the application and machine. Any deviations from this state are detected and prevented, securing the integrity of the applications, infrastructure, and guest operating system. AppDefense provides detailed visibility for better change management and compliance reporting, and also provides a rich set of automated or orchestrated incident response mechanisms to address attacks. Moreover, it leverages machine learning for a simple and automated way to conduct audits and reviews for applications

Secure Data

FIPS 140-2 Validated VM Encryption, and cross-vCenter Encrypted vMotion – Secure against unauthorised data access both at rest and in motion, across the hybrid cloud.

Secure Infrastructure

Secure Boot for ESXi – Allows only VMware and Partner signed code to run in your hypervisor.

Secure Boot for Virtual Machines – Helps prevent images from being tampered with and prevents the loading of unauthorised components.

Support for TPM 2.0 for ESXi – Enables hypervisor integrity by validating the Secure Boot for ESXi process and enables remote host attestation.

Virtual TPM 2.0 – Provides the necessary support for guest operating system security features while retaining operational features such as vMotion and disaster recovery.

Support for Microsoft Virtualisation Based Security – Supports Windows 10 and Windows 2016 security features, like Credential Guard, on vSphere.